Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

ICO to Police: Go Slow on Facial Recognition

The UK’s privacy watchdog has raised “serious concerns” about police use of facial recognition technology, and called for the introduction of a statutory code of practice to govern when and how it should be deployed.

There have been numerous complaints from lawmakers, rights groups and members of the public in the past about how police are using the technology in public spaces, with many arguing that trials are being run covertly and that those members of the public covering their faces are assumed to be hiding something.

Big Brother Watch released a report last year claiming live facial recognition (LFR) systems being used by the Met police are 98-100% inaccurate.

Information commissioner Elizabeth Denham argued in a blog post yesterday that the ICO’s investigation into LFR use by the Met and South Wales Police had raised “serious concerns about the use of a technology that relies on huge amounts of sensitive personal information.”

“We found that the current combination of laws, codes and practices relating to LFR will not drive the ethical and legal approach that’s needed to truly manage the risk that this technology presents,” she added.

Denham argued that a recent court ruling in which a judge said South Wales Police force’s use of LFR was lawful, should not be seen as a blanket authorization.

Instead, police forces across the country must follow her first Commissioner’s Opinion, announced yesterday.

This stipulates that police must follow current data protection laws — de facto the GDPR — during trials and full deployment, and that the use of facial images constitutes “sensitive processing” under this legislation. This applies whether an image produces a match on a watchlist or if it is subsequently deleted.

Data controllers must identify a lawful basis for the use of LFR and data protection laws apply to the whole process — “from consideration about the necessity and proportionality for deployment, the compilation of watchlists, the processing of the biometric data through to the retention and deletion of that data.”

In short, the ICO is telling UK police to slow down in their use of LFR, and ensure it is justified and done lawfully.

The watchdog said it would be working with the relevant authorities to produce a statutory and binding code of practice issued by the government on LFR use in public places.

In the US, there has been something of a backlash against LFR of late, with local authorities implementing bans on its use.

What’s Hot on Infosecurity Magazine?